Nytro Posted July 17, 2013 Report Posted July 17, 2013 Samsung Galaxy S3/S4 SMS SpoofingAuthored by Z.X.The Samsung Galaxy S3 and S4 phones come with a pre-loaded application that allows for spoofing and creation of arbitrary SMS content.Hi list,I would like to inform you that the details of the vulnerability inbuilt-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763and CVE-2013-4764) are now disclosed to public.In Samsung Galaxy S3/S4, a pre-loaded app, i.e.,sCloudBackupProvider.apk, is used to provide backup functionality forthe users, and it unintentially exposes several unprotectedcomponents. By exploiting these unprotected components, anunprivileged app can trigger a so-called “restore” operation to writeSMS messages back to the standard SMS database file (mmssms.db) usedby the system messaging app, i.e., SecMms.apk. As a result, a smishingattack can effectively create and inject arbitrary (fake) SMS textmessages. Similarly, fake MMS messages and call logs are alsopossible. This vulnerability has been disclosed in CVE-2013-4763.Also, these components can be sequentially triggered in a specificorder to create arbitrary SMS content, inject to system-wide SMSdatabase, and then trigger the built-in SMS-sending behavior (toarbitrary destination). This vulnerability has been disclosed inCVE-2013-4764.QIHU Inc. discovered these vulnerability and informed Samsung Corp. inJune 10, 2013. Samsung confirmed the vulerability and is now preparingan OTA update. As a temporary workaround, disable thesCloudBackupProvider.apk app would help block known attack vectors.Details of CVE-2013-4763 and CVE-2013-4764 can be also found in QIHUInc.'s official site:http://shouji.360.cn/securityReportlist/CVE-2013-4763.htmlhttp://shouji.360.cn/securityReportlist/CVE-2013-4764.htmlRegards,Z.X. from QIHU Inc.Sursa: Samsung Galaxy S3/S4 SMS Spoofing ? Packet Storm Quote
